This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/x2carAIaVgKjSsDGLEB8OLFM8NE.roa File: x2carAIaVgKjSsDGLEB8OLFM8NE.roa (raw, json) Hash identifier: rttqg5eKj+V5DoEj4lQNOSz4ZdWbLM3E0GMVNzsZGEw= Subject key identifier: C7:67:1A:AC:02:1A:56:02:A3:4A:C0:C6:2C:40:7C:38:B1:4C:F0:D1 Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e Certificate serial: 019B7910D58D7DDC1204BC1F9DD44184D8BE Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/x2carAIaVgKjSsDGLEB8OLFM8NE.roa Signing time: Thu 01 Jan 2026 10:18:24 +0000 ROA not before: Thu 01 Jan 2026 10:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15854 IP address blocks: 149.250.0.0/16 maxlen: 16 192.109.236.0/24 maxlen: 24 195.203.0.0/17 maxlen: 17 195.203.128.0/17 maxlen: 17 195.203.152.0/23 maxlen: 23 217.27.0.0/23 maxlen: 23 217.27.2.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:d5:8d:7d:dc:12:04:bc:1f:9d:d4:41:84:d8:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e Validity Not Before: Jan 1 10:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c7671aac021a5602a34ac0c62c407c38b14cf0d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:03:df:d8:e9:59:b5:ed:af:f0:f5:b6:2e:65: 5c:16:4c:4d:13:7c:51:77:53:1b:47:39:15:13:2d: 45:65:26:67:70:f1:e1:2d:92:77:30:8d:34:46:68: 69:81:e7:20:57:0a:c1:8a:c8:c4:08:ed:a1:aa:e1: b6:cc:35:4f:bb:d0:90:44:4b:df:c7:88:9c:9c:3a: 2c:1d:76:8a:b1:72:75:6c:78:8e:2a:b2:a4:eb:e5: c4:bf:3f:55:04:a1:e5:82:eb:2b:e2:b2:3f:a6:72: 23:5d:76:e8:f2:11:1a:af:a0:5e:96:da:a7:17:1e: b2:86:b1:ff:41:fa:f6:d1:cd:45:f6:27:67:17:66: dc:19:00:d9:b8:61:bd:21:d9:3e:11:d3:04:69:83: 32:f6:63:ea:d7:be:cb:c9:c2:e0:f2:b0:19:aa:ae: c4:3b:1e:74:27:db:b7:9a:e3:16:6c:66:e4:02:62: e1:57:70:f6:9c:73:17:de:a7:c1:01:a8:69:f8:68: ba:6d:27:49:f0:9f:1e:8a:24:fd:1e:00:d3:fe:42: 03:72:6e:cb:38:5e:5f:5c:c2:ec:29:d4:35:b7:1c: d0:12:41:24:b9:96:54:32:72:a1:35:c2:08:22:21: db:f5:9f:57:f7:35:d9:65:73:72:49:c9:8a:d0:63: 52:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:67:1A:AC:02:1A:56:02:A3:4A:C0:C6:2C:40:7C:38:B1:4C:F0:D1 X509v3 Authority Key Identifier: keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/x2carAIaVgKjSsDGLEB8OLFM8NE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 149.250.0.0/16 192.109.236.0/24 195.203.0.0/16 217.27.0.0/22 Signature Algorithm: sha256WithRSAEncryption 45:b7:3e:a6:a9:08:51:86:c9:31:78:65:45:98:83:0d:a1:ba: d3:d9:0a:24:0d:3c:b8:5b:2f:17:c0:4b:a4:28:75:0e:4c:c7: 1a:c9:ff:e4:d9:d2:5c:c3:ca:ed:5f:59:4d:49:0f:d3:6c:80: c4:97:0a:59:5f:a4:32:ec:b8:8d:fd:d5:23:d7:cc:e6:24:70: 86:5a:08:76:9e:4a:a0:68:8f:0a:8b:06:30:00:62:aa:9f:1c: 0c:70:bb:44:37:f7:bb:3b:d7:43:37:66:51:20:80:83:e7:12: 6e:8f:35:00:07:9a:ce:c5:12:d6:c4:2c:15:c1:4d:00:70:cd: 7e:7e:97:d3:00:31:43:9c:7a:8a:5e:fa:f6:e4:53:f7:23:80: 04:a2:aa:34:cb:53:85:44:a6:b9:dc:fa:82:d4:9f:89:d4:de: 9e:a7:ea:56:c5:8f:2f:12:cd:d0:e4:4b:a1:21:e8:0e:ef:3e: da:09:52:cb:f5:9c:e5:d5:5a:70:b0:15:26:6d:07:c1:75:92: bb:2d:91:73:98:22:c4:d2:cb:04:99:87:f4:30:f1:e4:90:91: c9:9b:1a:fb:41:88:df:44:d0:33:31:07:88:73:78:64:ce:ec: 53:83:02:df:9d:d6:f6:a3:3b:31:ab:d8:b2:6c:0c:61:c6:33: a9:9d:e8:9a -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt5ENWNfdwSBLwfndRBhNi+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm MmNmNGUwHhcNMjYwMTAxMTAxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzY3MWFhYzAyMWE1NjAyYTM0YWMwYzYyYzQwN2MzOGIxNGNmMGQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAPf2OlZte2v8PW2LmVcFkxNE3xR d1MbRzkVEy1FZSZncPHhLZJ3MI00RmhpgecgVwrBisjECO2hquG2zDVPu9CQREvf x4icnDosHXaKsXJ1bHiOKrKk6+XEvz9VBKHlgusr4rI/pnIjXXbo8hEar6Beltqn Fx6yhrH/Qfr20c1F9idnF2bcGQDZuGG9Idk+EdMEaYMy9mPq177LycLg8rAZqq7E Ox50J9u3muMWbGbkAmLhV3D2nHMX3qfBAahp+Gi6bSdJ8J8eiiT9HgDT/kIDcm7L OF5fXMLsKdQ1txzQEkEkuZZUMnKhNcIIIiHb9Z9X9zXZZXNyScmK0GNSTwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFMdnGqwCGlYCo0rAxixAfDixTPDRMB8GA1UdIwQY MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt ODY0MjM4YmMwNDliLzEveDJjYXJBSWFWZ0tqU3NER0xFQjhPTEZNOE5FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAcBAIAATAWAwMAlfoDBADA bewDAwDDywMEAtkbADANBgkqhkiG9w0BAQsFAAOCAQEARbc+pqkIUYbJMXhlRZiD DaG609kKJA08uFsvF8BLpCh1DkzHGsn/5NnSXMPK7V9ZTUkP02yAxJcKWV+kMuy4 jf3VI9fM5iRwhloIdp5KoGiPCosGMABiqp8cDHC7RDf3uzvXQzdmUSCAg+cSbo81 AAeazsUS1sQsFcFNAHDNfn6X0wAxQ5x6il769uRT9yOABKKqNMtThUSmudz6gtSf idTenqfqVsWPLxLN0ORLoSHoDu8+2glSy/Wc5dVacLAVJm0HwXWSuy2Rc5gixNLL BJmH9DDx5JCRyZsa+0GI30TQMzEHiHN4ZM7sU4MC353W9qM7MavYsmwMYcYzqZ3o mg== -----END CERTIFICATE-----Generated at Sun Jan 25 17:19:45 2026 by rpki-client